Thread: Killing inactive connections
I run a clinical data warehouse using PostgreSQL 7.1.2_2 on FreeBSD 4.3-stable. Data security and privacy standards have been enacted at the federal level via the Health Insurance Portability and Accountability Act (HIPAA). One of the rules requires timed logouts. If someone walks away from their desk for a certain amount of time, the connection should time-out; and the employee must log back into the application. Data analysts access my databases using MS Access. Is there a way in PostgreSQL to track inactivity and close inactive connections after a specified length of time? Thanks, Andrew Gould __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/
Andrew Gould <andrewgould@yahoo.com> writes:
> Is there a way in PostgreSQL to track inactivity and
> close inactive connections after a specified length of
> time?
Not at present. This seems to me to be something that has to be
implemented on the client side, anyway. We could conceivably implement
an idle-timeout in the backend, but what it would be measuring is time
between SQL requests, which proves little about whether there is someone
awake at the other end. Two counterexamples:
1. User starts a long-running SQL script and walks away. Backend will
not time out, but you're not meeting the regulation.
2. User is intensely interacting with his app, but is doing something
that does not trigger SQL requests. Backend times out and drops
connection. At the very least this annoys the user; quite possibly
it causes him to lose work, depending on how robust his app is about
reconnecting.
So I don't think that this is an issue for Postgres to solve. If Access
can't do it, maybe you need a different frontend app that can.
regards, tom lane
Andrew Gould <andrewgould@yahoo.com> writes:
> Hhmmmm. I see what you mean. Perhaps an office
> policy regarding password protected screen savers or
> screen locks would meet the regulation's intent.
That seems like a good solution: easy, does the right thing,
shouldn't break anything.
regards, tom lane
Hhmmmm. I see what you mean. Perhaps an office policy regarding password protected screen savers or screen locks would meet the regulation's intent. (It would also be simple and cheap.) Thanks, Tom. Andrew Gould --- Tom Lane <tgl@sss.pgh.pa.us> wrote: > Andrew Gould <andrewgould@yahoo.com> writes: > > Is there a way in PostgreSQL to track inactivity > and > > close inactive connections after a specified > length of > > time? > > Not at present. This seems to me to be something > that has to be > implemented on the client side, anyway. We could > conceivably implement > an idle-timeout in the backend, but what it would be > measuring is time > between SQL requests, which proves little about > whether there is someone > awake at the other end. Two counterexamples: > > 1. User starts a long-running SQL script and walks > away. Backend will > not time out, but you're not meeting the regulation. > > 2. User is intensely interacting with his app, but > is doing something > that does not trigger SQL requests. Backend times > out and drops > connection. At the very least this annoys the user; > quite possibly > it causes him to lose work, depending on how robust > his app is about > reconnecting. > > So I don't think that this is an issue for Postgres > to solve. If Access > can't do it, maybe you need a different frontend app > that can. > > regards, tom lane __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/
Hi,
From what I gather, your "feature" should be placed in the client and
not on the server... Therefore, if you had an MS Access or some other
application, accessing your backend server, and your APPLICATION is
being idle for N time units, then you can set your APPLICATION to log
the user out. At least, that's how I would approach it..;-)
Hope that helps...;-)
Cheers,
John Clark
Andrew Gould wrote:
>
> I run a clinical data warehouse using PostgreSQL
> 7.1.2_2 on FreeBSD 4.3-stable. Data security and
> privacy standards have been enacted at the federal
> level via the Health Insurance Portability and
> Accountability Act (HIPAA).
>
> One of the rules requires timed logouts. If someone
> walks away from their desk for a certain amount of
> time, the connection should time-out; and the employee
> must log back into the application.
>
> Data analysts access my databases using MS Access. Is
> there a way in PostgreSQL to track inactivity and
> close inactive connections after a specified length of
> time?
>
--
/) John Clark Naldoza y Lopez (\
/ ) Software Design Engineer III ( \
_( (_ _ Web-Application Development _) )_
(((\ \> /_> Cable Modem Network Management System <_\ </ /)))
(\\\\ \_/ / NEC Telecom Software Phils., Inc. \ \_/ ////)
\ / \ /
\ _/ phone: (+63 32) 233-9142 loc. 3113 \_ /
/ / cellphone: (+63 919) 399-4742 \ \
/ / email: njclark@ntsp.nec.co.jp \ \
"Intelligence is the ability to avoid doing work, yet getting the work
done"
--Linus Torvalds
On Thu, Aug 16, 2001 at 03:28:47PM -0700, Andrew Gould <andrewgould@yahoo.com> wrote: > Hhmmmm. I see what you mean. Perhaps an office > policy regarding password protected screen savers or > screen locks would meet the regulation's intent. (It > would also be simple and cheap.) This is a much better solution. Timeouts suck and don't work well. They take too long to happen when people leave their desk area and get in the way of people trying to work. (This often gets to the point where people run things that prevent timeouts.) Putting an icon on the desktop for a password protected screen saver makes it relatively painless to moderately secure a computer when you step away from your desk.